Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jflyfox jfinal cms 5.1.0 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-28505
Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java.
Jflyfox Jfinal Cms 5.1.0
5.4
CVSSv3
CVE-2022-29648
A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.
Jflyfox Jfinal Cms 5.1.0
9.8
CVSSv3
CVE-2022-30500
Jfinal cms 5.1.0 is vulnerable to SQL Injection.
Jflyfox Jfinal Cms 5.1.0
8.8
CVSSv3
CVE-2022-34928
JFinal CMS v5.1.0 exists to contain a SQL injection vulnerability via /system/user.
Jflyfox Jfinal Cms 5.1.0
5.4
CVSSv3
CVE-2022-33113
Jfinal CMS v5.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-33114
Jfinal CMS v5.1.0 exists to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list.
Jflyfox Jfinal Cms 5.1.0
9.8
CVSSv3
CVE-2022-37199
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list.
Jflyfox Jfinal Cms 5.1.0
8.8
CVSSv3
CVE-2022-37209
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
Jflyfox Jfinal Cms 5.1.0
2 Github repositories
9.8
CVSSv3
CVE-2022-37223
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.
Jflyfox Jfinal Cms 5.1.0
7.5
CVSSv3
CVE-2021-40639
Improper access control in Jfinal CMS 5.1.0 allows malicious users to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.
Jflyfox Jfinal Cms 5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »